Refactor agent with new client logic

b5c97c0b · Gospodin Bodurov · a805c8bc · b5c97c0b · b5c97c0b · b5c97c0b
Commit b5c97c0b authored 6 years ago by Gospodin Bodurov
--- a/Gopkg.toml
+++ b/Gopkg.toml
 [[constraint]]
-  branch = "master"
+  branch = "hyperledger-audit-log"
  name = "code.vereign.com/code/viam-apis"

 [[constraint]]

--- a/server/configs.go
+++ b/server/configs.go
-package server
+package config

 import (
 	"log"
+
+	"code.vereign.com/code/viam-apis/authentication"
 	"github.com/spf13/viper"
 )

-var certificationMethod string
-var p PEMReader
-var certificatePEM []byte
-var privateKeyPEM []byte
-var caCertificatePEM []byte
-var vereignCaCertificatePEM []byte
-var vereignCaKeyPEM []byte
+var SystemAuth = &authentication.Authentication{
+	Uuid:    "undefined",
+	Session: "undefined",
+}
+
+var CertificationMethod string
+var P PEMReader
+var CertificatePEM []byte
+var PrivateKeyPEM []byte
+var CaCertificatePEM []byte
+var VereignCaCertificatePEM []byte
+var VereignCaKeyPEM []byte
+
+var MaxMessageSize int
+
+var GrpcListenAddress string
+var RestListenAddress string
+var DataStorageUrl string
+var CertDir string

 func SetConfigValues() {
 	// Set Default Values For Config Variables
@@ -39,16 +53,16 @@ func SetConfigValues() {
 	viper.SetDefault("certificationVereignKeyFile", "vereign_ca.key")

 	/*
-	// Vault Defaults
-	viper.SetDefault("certificationMethod", "2")
-	viper.SetDefault("certificationURL", "http://10.6.10.119:8200")
-	viper.SetDefault("certificationToken", "")
-	viper.SetDefault("certificationPath", "/developers/data/devteam/cert")
-    viper.SetDefault("certificationCertFile", "certificateKey")
-	viper.SetDefault("certificationKeyFile", "privateKey")
-	viper.SetDefault("certificationCaCertFile", "caCertificateKey")
-	viper.SetDefault("certificationVereignCertFile", "vereignCaCertificateKey")
-	viper.SetDefault("certificationVereignKeyFile", "vereignCaPrivateKey")
+			// Vault Defaults
+			viper.SetDefault("certificationMethod", "2")
+			viper.SetDefault("certificationURL", "http://10.6.10.119:8200")
+			viper.SetDefault("certificationToken", "")
+			viper.SetDefault("certificationPath", "/developers/data/devteam/cert")
+		    viper.SetDefault("certificationCertFile", "certificateKey")
+			viper.SetDefault("certificationKeyFile", "privateKey")
+			viper.SetDefault("certificationCaCertFile", "caCertificateKey")
+			viper.SetDefault("certificationVereignCertFile", "vereignCaCertificateKey")
+			viper.SetDefault("certificationVereignKeyFile", "vereignCaPrivateKey")
 	*/

 	// Read Config File
@@ -58,53 +72,69 @@ func SetConfigValues() {
 		log.Printf("can't read config: %s, will use default values", err)
 	}

-	certificationMethod = viper.GetString("certificationMethod")
-	if certificationMethod == "1" {
+	CertificationMethod = viper.GetString("certificationMethod")
+	if CertificationMethod == "1" {
 		// Read From File System
-		p = FilePEMReader{certificationURL: viper.GetString("certificationURL"),
-			certificationToken: viper.GetString("certificationToken"),
-			certificationPath: viper.GetString("certificationPath"),
-			certificationCertFile: viper.GetString("certificationCertFile"),
-			certificationKeyFile: viper.GetString("certificationKeyFile"),
-			certificationCaCertFile: viper.GetString("certificationCaCertFile"),
+		P = FilePEMReader{certificationURL: viper.GetString("certificationURL"),
+			certificationToken:           viper.GetString("certificationToken"),
+			certificationPath:            viper.GetString("certificationPath"),
+			certificationCertFile:        viper.GetString("certificationCertFile"),
+			certificationKeyFile:         viper.GetString("certificationKeyFile"),
+			certificationCaCertFile:      viper.GetString("certificationCaCertFile"),
 			certificationVereignCertFile: viper.GetString("certificationVereignCertFile"),
-			certificationVereignKeyFile: viper.GetString("certificationVereignKeyFile")}
-	} else if certificationMethod == "2" {
+			certificationVereignKeyFile:  viper.GetString("certificationVereignKeyFile")}
+	} else if CertificationMethod == "2" {
 		// Read From Vault
-		p = VaultPEMReader{certificationURL: viper.GetString("certificationURL"),
-			certificationToken: viper.GetString("certificationToken"),
-			certificationPath: viper.GetString("certificationPath"),
-			certificationCertFile: viper.GetString("certificationCertFile"),
-			certificationKeyFile: viper.GetString("certificationKeyFile"),
-			certificationCaCertFile: viper.GetString("certificationCaCertFile"),
+		P = VaultPEMReader{certificationURL: viper.GetString("certificationURL"),
+			certificationToken:           viper.GetString("certificationToken"),
+			certificationPath:            viper.GetString("certificationPath"),
+			certificationCertFile:        viper.GetString("certificationCertFile"),
+			certificationKeyFile:         viper.GetString("certificationKeyFile"),
+			certificationCaCertFile:      viper.GetString("certificationCaCertFile"),
 			certificationVereignCertFile: viper.GetString("certificationVereignCertFile"),
-			certificationVereignKeyFile: viper.GetString("certificationVereignKeyFile")}
+			certificationVereignKeyFile:  viper.GetString("certificationVereignKeyFile")}
 	}

 	// Print all config values to log file
 	log.Printf("All Settings From Config:")
 	as := viper.AllSettings()
 	for key, _ := range as {
-	    log.Printf("%s => %s", key, viper.GetString(key))
+		log.Printf("%s => %s", key, viper.GetString(key))
 	}
+
+	GrpcListenAddress = viper.GetString("grpcListenAddress")
+	RestListenAddress = viper.GetString("restListenAddress")
+
+	DataStorageUrl = viper.GetString("dataStorageUrl")
+
+	SystemAuth.Uuid = viper.GetString("viamUUID")
+	SystemAuth.Session = viper.GetString("viamSession")
+
+	MaxMessageSize = viper.GetInt("maxMessageSize")
+
+	CertificatePEM = GetCertificatePEM()
+	PrivateKeyPEM = GetPrivateKeyPEM()
+	CaCertificatePEM = GetCaCertificatePEM()
+	VereignCaCertificatePEM = GetVereignCaCertificatePEM()
+	VereignCaKeyPEM = GetVereignCaKeyPEM()
 }

 func GetCertificatePEM() []byte {
-	return p.readCertificatePEM()
+	return P.readCertificatePEM()
 }

 func GetPrivateKeyPEM() []byte {
-	return p.readPrivateKeyPEM()
+	return P.readPrivateKeyPEM()
 }

 func GetCaCertificatePEM() []byte {
-	return p.readCaCertificatePEM()
+	return P.readCaCertificatePEM()
 }

 func GetVereignCaCertificatePEM() []byte {
-	return p.readVereignCaCertificatePEM()
+	return P.readVereignCaCertificatePEM()
 }

 func GetVereignCaKeyPEM() []byte {
-	return p.readVereignCaKeyPEM()
-}
\ No newline at end of file
+	return P.readVereignCaKeyPEM()
+}
--- a/server/pem_reader.go
+++ b/server/pem_reader.go
-package server
+package config

 import (
-	"log"
 	"io/ioutil"
+	"log"
+
 	vc "github.com/hashicorp/vault/api"
 )

@@ -15,70 +16,70 @@ type PEMReader interface {
 }

 type FilePEMReader struct {
-	certificationURL string
-	certificationToken string
-	certificationPath string
-	certificationCertFile string
-	certificationKeyFile string
-	certificationCaCertFile string
+	certificationURL             string
+	certificationToken           string
+	certificationPath            string
+	certificationCertFile        string
+	certificationKeyFile         string
+	certificationCaCertFile      string
 	certificationVereignCertFile string
-	certificationVereignKeyFile string
+	certificationVereignKeyFile  string
 }

 func (f FilePEMReader) readCertificatePEM() []byte {
 	pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationCertFile)
-    if err != nil {
+	if err != nil {
 		log.Printf("Error: %v", err)
-        return []byte("")
-    }
+		return []byte("")
+	}
 	return pem
 }

 func (f FilePEMReader) readPrivateKeyPEM() []byte {
-    pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationKeyFile)
-    if err != nil {
+	pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationKeyFile)
+	if err != nil {
 		log.Printf("Error: %v", err)
-        return []byte("")
-    }
+		return []byte("")
+	}
 	return pem
 }

 func (f FilePEMReader) readCaCertificatePEM() []byte {
-    pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationCaCertFile)
-    if err != nil {
+	pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationCaCertFile)
+	if err != nil {
 		log.Printf("Error: %v", err)
-        return []byte("")
-    }
+		return []byte("")
+	}
 	return pem
 }

 func (f FilePEMReader) readVereignCaCertificatePEM() []byte {
-    pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationVereignCertFile)
-    if err != nil {
+	pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationVereignCertFile)
+	if err != nil {
 		log.Printf("Error: %v", err)
-        return []byte("")
-    }
+		return []byte("")
+	}
 	return pem
 }

 func (f FilePEMReader) readVereignCaKeyPEM() []byte {
-    pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationVereignKeyFile)
-    if err != nil {
+	pem, err := ioutil.ReadFile(f.certificationPath + "/" + f.certificationVereignKeyFile)
+	if err != nil {
 		log.Printf("Error: %v", err)
-        return []byte("")
-    }
+		return []byte("")
+	}
 	return pem
 }

 type VaultPEMReader struct {
-	certificationURL string
-	certificationToken string
-	certificationPath string
-	certificationCertFile string
-	certificationKeyFile string
-	certificationCaCertFile string
+	certificationURL             string
+	certificationToken           string
+	certificationPath            string
+	certificationCertFile        string
+	certificationKeyFile         string
+	certificationCaCertFile      string
 	certificationVereignCertFile string
-	certificationVereignKeyFile string
+	certificationVereignKeyFile  string
 }

 func (v VaultPEMReader) readCertificatePEM() []byte {
@@ -97,7 +98,7 @@ func (v VaultPEMReader) readCertificatePEM() []byte {
 	if err != nil {
 		log.Printf("Error: VAULT Can't read value, %s", err)
 	}
-	
+
 	pemMap := secretValues.Data["data"].(map[string]interface{})

 	for propName, propValue := range pemMap {
@@ -124,7 +125,7 @@ func (v VaultPEMReader) readPrivateKeyPEM() []byte {
 	if err != nil {
 		log.Printf("Error: VAULT Can't read value, %s", err)
 	}
-	
+
 	pemMap := secretValues.Data["data"].(map[string]interface{})

 	for propName, propValue := range pemMap {
@@ -151,7 +152,7 @@ func (v VaultPEMReader) readCaCertificatePEM() []byte {
 	if err != nil {
 		log.Printf("Error: VAULT Can't read value, %s", err)
 	}
-	
+
 	pemMap := secretValues.Data["data"].(map[string]interface{})

 	for propName, propValue := range pemMap {
@@ -178,7 +179,7 @@ func (v VaultPEMReader) readVereignCaCertificatePEM() []byte {
 	if err != nil {
 		log.Printf("Error: VAULT Can't read value, %s", err)
 	}
-	
+
 	pemMap := secretValues.Data["data"].(map[string]interface{})

 	for propName, propValue := range pemMap {
@@ -205,7 +206,7 @@ func (v VaultPEMReader) readVereignCaKeyPEM() []byte {
 	if err != nil {
 		log.Printf("Error: VAULT Can't read value, %s", err)
 	}
-	
+
 	pemMap := secretValues.Data["data"].(map[string]interface{})

 	for propName, propValue := range pemMap {
@@ -214,4 +215,4 @@ func (v VaultPEMReader) readVereignCaKeyPEM() []byte {
 		}
 	}
 	return []byte("")
-}
\ No newline at end of file
+}
--- a/handler/generate_keypair.go
+++ b/handler/generate_keypair.go
@@ -18,7 +18,6 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
 package handler

 import (
-	"log"
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
@@ -26,8 +25,9 @@ import (
 	"crypto/sha256"
 	"crypto/x509"
 	"encoding/pem"
+	"log"

-	"code.vereign.com/code/viam-apis/data-storage-agent/client"
+	keyutils "code.vereign.com/code/key-storage-agent/utils"
 	"code.vereign.com/code/viam-apis/key-storage-agent/api"
 	"code.vereign.com/code/viam-apis/utils"
 	"code.vereign.com/code/viam-apis/versions"
@@ -39,13 +39,12 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context,

 	auth := s.CreateAuthentication(ctx)

-	client := &client.DataStorageClientImpl{}
-	client.SetUpClient(auth, s.DataStorageUrl, s.CertPEM, s.KeyPEM, s.CaCertPEM, s.MaxMessageSize)
+	client := keyutils.CreateDataStorageClient(auth)
 	defer client.CloseClient()

 	generateKeyPairResponse := &api.GenerateKeyPairResponse{}

-	uuid, err := generateUnusedUUID(client)
+	uuid, err := keyutils.GenerateUnusedUUID(client)
 	if err != nil {
 		log.Printf("Error: %v", err)
 		generateKeyPairResponse.StatusList = utils.AddStatus(generateKeyPairResponse.StatusList,
@@ -76,13 +75,13 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context,
 	encryptedPrivateKey := &api.Key{Content: encryptedPrivateKeyBytes}
 	result, errors, err := client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_PRIVATE),
 		encryptedPrivateKey, versions.EntitiesManagementAgentApiVersion)
-	generateKeyPairResponse.StatusList = handlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
+	generateKeyPairResponse.StatusList = keyutils.HandlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)

 	if generateKeyPairResponse.StatusList == nil || len(generateKeyPairResponse.StatusList) == 0 {
 		publicKey := &api.Key{Content: publicKeyBytes}
 		result, errors, err = client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_PUBLIC),
 			publicKey, versions.EntitiesManagementAgentApiVersion)
-		generateKeyPairResponse.StatusList = handlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
+		generateKeyPairResponse.StatusList = keyutils.HandlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
 	}

 	//duplicate logic of ReserveKeyUUID
@@ -90,7 +89,7 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context,
 		emptyKey := &api.Key{Content: []byte{}}
 		result, errors, err = client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_CERTIFICATE),
 			emptyKey, versions.EntitiesManagementAgentApiVersion)
-		generateKeyPairResponse.StatusList = handlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
+		generateKeyPairResponse.StatusList = keyutils.HandlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
 	}

 	if generateKeyPairResponse.StatusList == nil || len(generateKeyPairResponse.StatusList) == 0 {
@@ -105,7 +104,7 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context,
 		encryptedAesKey := &api.Key{Content: encryptedAesKeyBytes}

 		result, errors, err = client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_AES), encryptedAesKey, versions.EntitiesManagementAgentApiVersion)
-		generateKeyPairResponse.StatusList = handlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
+		generateKeyPairResponse.StatusList = keyutils.HandlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
 	}

 	if generateKeyPairResponse.StatusList == nil || len(generateKeyPairResponse.StatusList) == 0 {
@@ -120,7 +119,7 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context,
 		encryptedNonce := &api.Key{Content: encryptedPrivateKeyNonceBytes}

 		result, errors, err = client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_NONCE), encryptedNonce, versions.EntitiesManagementAgentApiVersion)
-		generateKeyPairResponse.StatusList = handlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
+		generateKeyPairResponse.StatusList = keyutils.HandlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
 	}

 	if generateKeyPairResponse.StatusList == nil || len(generateKeyPairResponse.StatusList) == 0 {
@@ -177,7 +176,7 @@ func generateKeyPair(keySize int) ([]byte, []byte, error) {
 }

 func rsaEncryptWithServerKey(certPEM []byte, message []byte, label []byte) ([]byte, error) {
-	serverCertificate, err := readCertificateFromPEM(certPEM)
+	serverCertificate, err := keyutils.ReadCertificateFromPEM(certPEM)
 	if err != nil {
 		log.Printf("Error: %v", err)
 		return nil, err

--- a/handler/handler.go
+++ b/handler/handler.go
@@ -24,8 +24,8 @@ import (
 	"code.vereign.com/code/viam-apis/versions"
 	"github.com/golang/protobuf/proto"

+	keyutils "code.vereign.com/code/key-storage-agent/utils"
 	"code.vereign.com/code/viam-apis/authentication"
-	"code.vereign.com/code/viam-apis/data-storage-agent/client"
 	"code.vereign.com/code/viam-apis/key-storage-agent/api"
 	"code.vereign.com/code/viam-apis/utils"
 	"golang.org/x/net/context"
@@ -34,13 +34,13 @@ import (

 // Server represents the gRPC server
 type KeyStorageServerImpl struct {
-	DataStorageUrl            string
-	CertPEM					  []byte
-	KeyPEM					  []byte
-	CaCertPEM				  []byte
-	VereignCertPEM       	  []byte
-	VereignPrivateKeyPEM	  []byte
-	MaxMessageSize			  int
+	DataStorageUrl       string
+	CertPEM              []byte
+	KeyPEM               []byte
+	CaCertPEM            []byte
+	VereignCertPEM       []byte
+	VereignPrivateKeyPEM []byte
+	MaxMessageSize       int
 }

 var version = "undefined"
@@ -64,8 +64,7 @@ func (s *KeyStorageServerImpl) CreateAuthentication(ctx context.Context) *authen
 func (s *KeyStorageServerImpl) GetKey(ctx context.Context, in *api.GetKeyRequest) (*api.GetKeyResponse, error) {
 	auth := s.CreateAuthentication(ctx)

-	client := &client.DataStorageClientImpl{}
-	client.SetUpClient(auth, s.DataStorageUrl, s.CertPEM, s.KeyPEM, s.CaCertPEM, s.MaxMessageSize)
+	client := keyutils.CreateDataStorageClient(auth)
 	defer client.CloseClient()

 	getKeyResponse := &api.GetKeyResponse{}
@@ -112,8 +111,7 @@ func (s *KeyStorageServerImpl) GetKey(ctx context.Context, in *api.GetKeyRequest
 func (s *KeyStorageServerImpl) SetKey(ctx context.Context, in *api.SetKeyRequest) (*api.SetKeyResponse, error) {
 	auth := s.CreateAuthentication(ctx)

-	client := &client.DataStorageClientImpl{}
-	client.SetUpClient(auth, s.DataStorageUrl, s.CertPEM, s.KeyPEM, s.CaCertPEM, s.MaxMessageSize)
+	client := keyutils.CreateDataStorageClient(auth)
 	defer client.CloseClient()

 	setKeyResponse := &api.SetKeyResponse{}
@@ -147,7 +145,7 @@ func (s *KeyStorageServerImpl) SetKey(ctx context.Context, in *api.SetKeyRequest
 	}

 	result, errors, err := client.DoPutDataCall("keys", in.Uuid+"/"+api.KeyType.String(in.KeyType), in.Key, versions.EntitiesManagementAgentApiVersion)
-	setKeyResponse.StatusList = handlePutDataErrors(setKeyResponse.StatusList, errors, err)
+	setKeyResponse.StatusList = keyutils.HandlePutDataErrors(setKeyResponse.StatusList, errors, err)

 	if setKeyResponse.StatusList == nil || len(setKeyResponse.StatusList) == 0 {
 		setKeyResponse.StatusList = utils.AddStatus(setKeyResponse.StatusList,
@@ -160,13 +158,12 @@ func (s *KeyStorageServerImpl) SetKey(ctx context.Context, in *api.SetKeyRequest
 func (s *KeyStorageServerImpl) ReserveKeyUUID(ctx context.Context, in *api.ReserveKeyUUIDRequest) (*api.ReserveKeyUUIDResponse, error) {
 	auth := s.CreateAuthentication(ctx)

-	client := &client.DataStorageClientImpl{}
-	client.SetUpClient(auth, s.DataStorageUrl, s.CertPEM, s.KeyPEM, s.CaCertPEM, s.MaxMessageSize)
+	client := keyutils.CreateDataStorageClient(auth)
 	defer client.CloseClient()

 	reserveKeyUUIDResponse := &api.ReserveKeyUUIDResponse{}

-	uuid, err := generateUnusedUUID(client)
+	uuid, err := keyutils.GenerateUnusedUUID(client)
 	if err != nil {
 		log.Printf("Error: %v", err)
 		reserveKeyUUIDResponse.StatusList = utils.AddStatus(reserveKeyUUIDResponse.StatusList,
@@ -178,16 +175,16 @@ func (s *KeyStorageServerImpl) ReserveKeyUUID(ctx context.Context, in *api.Reser
 	}

 	result, errors, err := client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_PRIVATE), emptyKey, versions.EntitiesManagementAgentApiVersion)
-	reserveKeyUUIDResponse.StatusList = handlePutDataErrors(reserveKeyUUIDResponse.StatusList, errors, err)
+	reserveKeyUUIDResponse.StatusList = keyutils.HandlePutDataErrors(reserveKeyUUIDResponse.StatusList, errors, err)

 	if reserveKeyUUIDResponse.StatusList == nil || len(reserveKeyUUIDResponse.StatusList) == 0 {
 		result, errors, err = client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_PUBLIC), emptyKey, versions.EntitiesManagementAgentApiVersion)
-		reserveKeyUUIDResponse.StatusList = handlePutDataErrors(reserveKeyUUIDResponse.StatusList, errors, err)
+		reserveKeyUUIDResponse.StatusList = keyutils.HandlePutDataErrors(reserveKeyUUIDResponse.StatusList, errors, err)
 	}

 	if reserveKeyUUIDResponse.StatusList == nil || len(reserveKeyUUIDResponse.StatusList) == 0 {
 		result, errors, err = client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_CERTIFICATE), emptyKey, versions.EntitiesManagementAgentApiVersion)
-		reserveKeyUUIDResponse.StatusList = handlePutDataErrors(reserveKeyUUIDResponse.StatusList, errors, err)
+		reserveKeyUUIDResponse.StatusList = keyutils.HandlePutDataErrors(reserveKeyUUIDResponse.StatusList, errors, err)
 	}

 	if reserveKeyUUIDResponse.StatusList == nil || len(reserveKeyUUIDResponse.StatusList) == 0 {
@@ -202,4 +199,4 @@ func (s *KeyStorageServerImpl) ReserveKeyUUID(ctx context.Context, in *api.Reser
 func (s *KeyStorageServerImpl) GetVersionKSA(ctx context.Context, in *api.GetVersionKSAMessage) (*api.GetVersionKSAResponseMessage, error) {
 	log.Println("Version: " + version)
 	return &api.GetVersionKSAResponseMessage{Version: version, Errors: ""}, nil
-}
\ No newline at end of file
+}
--- a/handler/revoke.go
+++ b/handler/revoke.go
@@ -18,6 +18,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
 package handler

 import (
+	keyutils "code.vereign.com/code/key-storage-agent/utils"
 	"code.vereign.com/code/viam-apis/data-storage-agent/client"
 	"code.vereign.com/code/viam-apis/key-storage-agent/api"
 	"code.vereign.com/code/viam-apis/utils"
@@ -28,8 +29,7 @@ import (
 func (s *KeyStorageServerImpl) Revoke(ctx context.Context, in *api.RevokeRequest) (*api.RevokeResponse, error) {
 	auth := s.CreateAuthentication(ctx)

-	client := &client.DataStorageClientImpl{}
-	client.SetUpClient(auth, s.DataStorageUrl, s.CertPEM, s.KeyPEM, s.CaCertPEM, s.MaxMessageSize)
+	client := keyutils.CreateDataStorageClient(auth)
 	defer client.CloseClient()

 	revokeResponse := &api.RevokeResponse{}
@@ -55,7 +55,7 @@ func (s *KeyStorageServerImpl) Revoke(ctx context.Context, in *api.RevokeRequest

 func revokeKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyType) []*api.Status {

-	key, statusList := getKey(client, uuid, keyType)
+	key, statusList := keyutils.GetKey(client, uuid, keyType)
 	if statusList != nil {
 		return statusList
 	}
@@ -63,7 +63,7 @@ func revokeKey(client *client.DataStorageClientImpl, uuid string, keyType api.Ke
 	key.Revoked = true

 	_, errors, err := client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(keyType), key, versions.EntitiesManagementAgentApiVersion)
-	statusList = handlePutDataErrors(statusList, errors, err)
+	statusList = keyutils.HandlePutDataErrors(statusList, errors, err)
 	if statusList != nil && len(statusList) > 0 {
 		return statusList
 	}

--- a/main.go
+++ b/main.go
@@ -20,24 +20,24 @@ package main
 import (
 	"log"

+	"code.vereign.com/code/key-storage-agent/config"
 	"code.vereign.com/code/key-storage-agent/server"
-	"github.com/spf13/viper"
 )

 // main start a gRPC server and waits for connection
 func main() {
-	server.SetConfigValues()
-
-	grpcAddress := viper.GetString("grpcListenAddress")
-	restAddress := viper.GetString("restListenAddress")
-	dataStorageAddress := viper.GetString("dataStorageUrl")
-	certPem := server.GetCertificatePEM()
-	keyPem := server.GetPrivateKeyPEM()
-	caCertPem := server.GetCaCertificatePEM()
-	vereignCaCertificatePem := server.GetVereignCaCertificatePEM()
-	vereignCaKeyPem := server.GetVereignCaKeyPEM()
-
-	maxMessageSize := viper.GetInt("maxMessageSize")
+	config.SetConfigValues()
+
+	grpcAddress := config.GrpcListenAddress
+	restAddress := config.RestListenAddress
+	dataStorageAddress := config.DataStorageUrl
+	certPem := config.CertificatePEM
+	keyPem := config.PrivateKeyPEM
+	caCertPem := config.CaCertificatePEM
+	vereignCaCertificatePem := config.VereignCaCertificatePEM
+	vereignCaKeyPem := config.VereignCaKeyPEM
+
+	maxMessageSize := config.MaxMessageSize

 	// fire the gRPC server in a goroutine
 	go func() {

--- a/server/server.go
+++ b/server/server.go
@@ -18,24 +18,25 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

 import (
+	"crypto/tls"
+	"crypto/x509"
 	"fmt"
 	"log"
 	"net"
 	"net/http"
 	"strings"
-	"crypto/x509"
-	"crypto/tls"
-	"github.com/grpc-ecosystem/grpc-gateway/runtime"
-	"golang.org/x/net/context"
+
+	"code.vereign.com/code/key-storage-agent/config"
 	"code.vereign.com/code/key-storage-agent/handler"
 	"code.vereign.com/code/key-storage-agent/session"
+	"code.vereign.com/code/key-storage-agent/utils"
 	"code.vereign.com/code/viam-apis/authentication"
-	"code.vereign.com/code/viam-apis/data-storage-agent/client"
 	api "code.vereign.com/code/viam-apis/key-storage-agent/api"
+	"github.com/grpc-ecosystem/grpc-gateway/runtime"
+	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
-	"github.com/spf13/viper"
 )

 // private type for Context keys
@@ -66,12 +67,11 @@ func authenticateClient(ctx context.Context, s *handler.KeyStorageServerImpl, in
 		}

 		viamAuth := &authentication.Authentication{
-			Uuid:    viper.GetString("viamUUID"),
-			Session: viper.GetString("viamSession"),
+			Uuid:    config.SystemAuth.Uuid,
+			Session: config.SystemAuth.Session,
 		}

-		sessionClient := &client.DataStorageClientImpl{}
-		sessionClient.SetUpClient(viamAuth, viper.GetString("dataStorageUrl"), pkgCertPEM, pkgKeyPEM, pkgCaCertPEM, viper.GetInt("maxMessageSize"))
+		sessionClient := utils.CreateDataStorageClient(viamAuth)
 		defer sessionClient.CloseClient()

 		if clientAuth.Uuid == viamAuth.Uuid {
@@ -123,46 +123,46 @@ func StartGRPCServer(address string, certPEM, privateKeyPEM, caCertPEM, vereignC

 	// create a server instance
 	s := handler.KeyStorageServerImpl{
-		DataStorageUrl:         dataStorageAddress,
-		CertPEM:              	certPEM,
-		KeyPEM:			   		privateKeyPEM,
-		CaCertPEM:			   	caCertPEM,
-		VereignCertPEM:       	vereignCertPEM,
-		VereignPrivateKeyPEM: 	vereignPrivateKeyPEM,
-		MaxMessageSize:			maxMessageSize,
+		DataStorageUrl:       dataStorageAddress,
+		CertPEM:              certPEM,
+		KeyPEM:               privateKeyPEM,
+		CaCertPEM:            caCertPEM,
+		VereignCertPEM:       vereignCertPEM,
+		VereignPrivateKeyPEM: vereignPrivateKeyPEM,
+		MaxMessageSize:       maxMessageSize,
 	}

 	// Load the certificates from PEM Strings
-    certificate, err := tls.X509KeyPair(certPEM, privateKeyPEM)
-    
+	certificate, err := tls.X509KeyPair(certPEM, privateKeyPEM)
+
 	if err != nil {
 		log.Printf("Error: %v", err)
 		return fmt.Errorf("could not load server key pair: %s", err)
 	}

 	// Create a certificate pool from the certificate authority
-    // Get the SystemCertPool, continue with an empty pool on error
+	// Get the SystemCertPool, continue with an empty pool on error
 	certPool, _ := x509.SystemCertPool()
 	if certPool == nil {
 		certPool = x509.NewCertPool()
 	}
-	
+
 	if ok := certPool.AppendCertsFromPEM(caCertPEM); !ok {
-        return fmt.Errorf("failed to append server certs")
-    }
+		return fmt.Errorf("failed to append server certs")
+	}

-    // Create the TLS credentials
-    creds := credentials.NewTLS(&tls.Config{
-    	//ClientAuth:   tls.RequireAndVerifyClientCert,
-    	Certificates: []tls.Certificate{certificate},
-    	ClientCAs:    certPool,
-    })
+	// Create the TLS credentials
+	creds := credentials.NewTLS(&tls.Config{
+		//ClientAuth:   tls.RequireAndVerifyClientCert,
+		Certificates: []tls.Certificate{certificate},
+		ClientCAs:    certPool,
+	})

 	// Create an array of gRPC options with the credentials
 	opts := []grpc.ServerOption{
 		grpc.Creds(creds),
-		grpc.UnaryInterceptor(unaryInterceptor), 
-		grpc.MaxRecvMsgSize(viper.GetInt("maxMessageSize")*1024*1024),
+		grpc.UnaryInterceptor(unaryInterceptor),
+		grpc.MaxRecvMsgSize(config.MaxMessageSize * 1024 * 1024),
 	}

 	// create a gRPC server object
@@ -193,9 +193,9 @@ func StartRESTServer(address, grpcAddress string, certPEM []byte) error {
 	}

 	// Append the client certificates from the CA
-    if ok := certPool.AppendCertsFromPEM(certPEM); !ok {
-        return fmt.Errorf("failed to append client certs")
-    }
+	if ok := certPool.AppendCertsFromPEM(certPEM); !ok {
+		return fmt.Errorf("failed to append client certs")
+	}

 	creds := credentials.NewClientTLSFromCert(certPool, "")


--- a/handler/utils.go
+++ b/handler/utils.go
@@ -15,28 +15,33 @@ You should have received a copy of the GNU Affero General Public License
 along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

-package handler
+package utils

 import (
 	"crypto/rand"
 	"crypto/x509"
 	"errors"
 	"fmt"
-	"log"
 	"io"
+	"log"
+
+	"encoding/pem"
+	"io/ioutil"

+	"code.vereign.com/code/key-storage-agent/config"
+	"code.vereign.com/code/viam-apis/authentication"
+	"code.vereign.com/code/viam-apis/clientutils"
 	"code.vereign.com/code/viam-apis/data-storage-agent/client"
+	dsclient "code.vereign.com/code/viam-apis/data-storage-agent/client"
 	"code.vereign.com/code/viam-apis/key-storage-agent/api"
 	"code.vereign.com/code/viam-apis/utils"
 	"github.com/golang/protobuf/proto"
-	"encoding/pem"
-	"io/ioutil"
 )

-func generateUnusedUUID(client *client.DataStorageClientImpl) (string, error) {
+func GenerateUnusedUUID(client *client.DataStorageClientImpl) (string, error) {
 	count := 0
 	for {
-		uuid, err := newUUID()
+		uuid, err := NewUUID()

 		// check that uuid is not used
 		data, _ := client.DoGetDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_PRIVATE))
@@ -51,7 +56,7 @@ func generateUnusedUUID(client *client.DataStorageClientImpl) (string, error) {
 	}
 }

-func newUUID() (string, error) {
+func NewUUID() (string, error) {
 	uuid := make([]byte, 16)
 	n, err := io.ReadFull(rand.Reader, uuid)
 	if n != len(uuid) || err != nil {
@@ -64,7 +69,7 @@ func newUUID() (string, error) {
 	return fmt.Sprintf("%x-%x-%x-%x-%x", uuid[0:4], uuid[4:6], uuid[6:8], uuid[8:10], uuid[10:]), nil
 }

-func handlePutDataErrors(statusList []*api.Status, errors string, err error) []*api.Status {
+func HandlePutDataErrors(statusList []*api.Status, errors string, err error) []*api.Status {
 	if err != nil {
 		log.Printf("Error: %v", err)
 		statusList = utils.AddStatus(statusList, "500", api.StatusType_ERROR, err.Error())
@@ -75,8 +80,8 @@ func handlePutDataErrors(statusList []*api.Status, errors string, err error) []*
 	return statusList
 }

-func readCertificateFromPEM(pemString []byte) (*x509.Certificate, error) {
-	certificatePemBlock, err := readPemBlockFromBytes(pemString)
+func ReadCertificateFromPEM(pemString []byte) (*x509.Certificate, error) {
+	certificatePemBlock, err := ReadPemBlockFromBytes(pemString)
 	if err != nil {
 		log.Printf("Error: %v", err)
 		return nil, err
@@ -91,7 +96,7 @@ func readCertificateFromPEM(pemString []byte) (*x509.Certificate, error) {
 	return certificate, nil
 }

-func readPemBlockFromBytes(pemString []byte) (*pem.Block, error) {
+func ReadPemBlockFromBytes(pemString []byte) (*pem.Block, error) {
 	fileBytes := pemString

 	certificatePemBlock, _ := pem.Decode(fileBytes)
@@ -99,8 +104,8 @@ func readPemBlockFromBytes(pemString []byte) (*pem.Block, error) {
 	return certificatePemBlock, nil
 }

-func readCertificateFromFile(fileName string) (*x509.Certificate, error) {
-	certificatePemBlock, err := readPemBlockFromFile(fileName)
+func ReadCertificateFromFile(fileName string) (*x509.Certificate, error) {
+	certificatePemBlock, err := ReadPemBlockFromFile(fileName)
 	if err != nil {
 		log.Printf("Error: %v", err)
 		return nil, err
@@ -115,7 +120,7 @@ func readCertificateFromFile(fileName string) (*x509.Certificate, error) {
 	return certificate, nil
 }

-func readPemBlockFromFile(fileName string) (*pem.Block, error) {
+func ReadPemBlockFromFile(fileName string) (*pem.Block, error) {
 	fileBytes, err := ioutil.ReadFile(fileName)
 	if err != nil {
 		log.Printf("Error: %v", err)
@@ -127,7 +132,7 @@ func readPemBlockFromFile(fileName string) (*pem.Block, error) {
 	return certificatePemBlock, nil
 }

-func getKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyType) (*api.Key, []*api.Status) {
+func GetKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyType) (*api.Key, []*api.Status) {
 	statusList := []*api.Status{}

 	data, _ := client.DoGetDataCall("keys", uuid+"/"+api.KeyType.String(keyType))
@@ -141,3 +146,8 @@ func getKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyTy

 	return key, nil
 }
+
+func CreateDataStorageClient(auth *authentication.Authentication) *dsclient.DataStorageClientImpl {
+	return clientutils.CreateDataStorageClient(auth, config.DataStorageUrl, config.CertificatePEM,
+		config.PrivateKeyPEM, config.CaCertificatePEM, config.MaxMessageSize)
+}